SaTC: CORE: Small: Collaborative: Oblivious ISAs for Secure and Efficient Enclave Programming

SaTC：核心：小型：协作：用于安全高效 Enclave 编程的不经意的 ISA

• 批准号: 1817020
• 负责人: Mohit Tiwari
• 金额: $ 25万
• 依托单位: University of Texas at Austin
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-08-15 至 2022-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1817020&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Collaborative; Oblivious

Computing on personal data is critical for both personal and social good. For example, we write programs that predict early onset medical conditions and detect the spread of diseases before they become epidemics. However, such computing is fraught with privacy concerns because programs, and the hardware they run on, create a trail of clues that an attacker can observe to reconstruct personal data without ever seeing the data directly. This project will create computer systems that proactively leave no clues, i.e., no side-effects that can leak personal secrets.The technical approach is to introduce a new Oblivious Instruction Set Architecture (OISA) for side-channel secure execution. The key idea in OISAs is to decouple the programming model from the concrete techniques that prevent information leaks. The first project thrust will investigate a range of Oblivious instructions---from simple oblivious instructions like an oblivious conditional move or oblivious load to more complex instructions like oblivious sort or floating point operations---to improve performance. The second project thrust will investigate how each of these instructions can be ported across threat models, e.g., digital and power side channels.By decoupling threat model from programming model, OISAs will unlock innovation on both software and hardware fronts. Programmers can focus on identifying secret variables that are intrinsic to applications, while abstracting out micro-architecture and threat model details. Hardware architects can focus on how to efficiently protect those secrets, and how to patch existing implementations when new threats emerge. To support this philosophy, the project will train a new class of students and researchers who can work across circuits, micro-architecture, compilers and applied cryptography to build secure systems and, in the future, apply the lessons learned to other high-impact problems that require cross-layer solutions.The OISA project will store all publications, code, and data-sets on public-facing websites, hosted at both University of Texas and Illinois for at least 3 years after the end of the project. This information will be made available via commercial websites. Links to these websites will be mirrored at http://spark.ece.utexas.edu/oisa and http://cwfletcher.net/oisa.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

对个人数据进行计算对个人和社会利益都是至关重要的。例如，我们编写的程序可以预测早期发病的医疗条件，并在疾病成为流行病之前检测疾病的传播。然而，这样的计算充满了隐私问题，因为程序及其运行的硬件会产生一系列线索，攻击者可以观察到这些线索，从而重建个人数据，而永远不会直接看到数据。该项目将创建主动不留下任何线索的计算机系统，即没有可能泄露个人机密的副作用。技术方法是引入一种新的旁路安全执行的不经意指令集体系结构(OISA)。OISA中的关键思想是将编程模型与防止信息泄漏的具体技术分离。第一个项目推力将研究一系列不经意的指令-从简单的不经意的指令，如不经意的条件移动或不经意的加载，到更复杂的指令，如不经意的排序或浮点运算-以提高性能。第二个项目将研究如何将这些指令移植到威胁模型中，例如数字和电源端通道。通过将威胁模型与编程模型分离，OISA将在软件和硬件方面释放创新。程序员可以专注于识别应用程序固有的秘密变量，同时抽象出微体系结构和威胁模型细节。硬件架构师可以专注于如何有效地保护这些机密，以及如何在出现新威胁时修补现有实施。为了支持这一理念，该项目将培训一批新的学生和研究人员，他们可以跨电路、微体系结构、编译器和应用密码学工作来构建安全系统，并在未来将所学到的经验应用于其他需要跨层解决方案的高影响问题。OISA项目将在项目结束后在德克萨斯大学和伊利诺伊州大学托管的面向公众的网站上存储所有出版物、代码和数据集，至少3年。这些信息将通过商业网站提供。这些网站的链接将反映在http://spark.ece.utexas.edu/oisa上，http://cwfletcher.net/oisa.This奖项反映了国家科学基金会的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Morpheus II: A RISC-V Security Extension for Protecting Vulnerable Software and Hardware

Morpheus II：用于保护易受攻击的软件和硬件的 RISC-V 安全扩展

• DOI: 10.1109/hcs52781.2021.9567000
• 发表时间: 2021
• 期刊: Hardware Oriented Security and Trust (HOST
• 作者: Austin Harris, Tarunesh Verma